In 2015 TalkTalk had a cyber-attack committed on its website, where approximately 157,000 of its customers' personal details were accessed. In response the UK Information Commissioner's Office declared: "Telecoms company TalkTalk has been issued with a record 400K fine by the ICO for security failings that allowed a cyber-attacker to access customer data 'with ease'". The General Data Protection Regulation (GDPR) as it applies in the UK, is adopted via the Data Protection Act 2018. Article 5 of the GDPR sets out seven key principles. Identify the data protection principle that can be cited to substantiate the action taken by the ICO against TalkTalk? Make sure you cite the reference(s) to show where you sourced this information from. Use Harvard Referencing and ensure that you have both intext reference(s) and the full reference(s) provided.

Please include the URL of the website you got the information from under each reference.